The present invention relates generally to distributed computing and, more particularly, to delivering web services.
The Internet protocol (IP) Multimedia Subsystem (IMS) is a standard that has been developed to define the control and integration of multimedia services in a core, packet-switched network. In particular, the IMS architecture defines a set of logical functions that use a signaling protocol known as the session initiation protocol (SIP) to establish communication sessions in an IP network. A “session” may be, for example, a one-to-one voice call or a more complex interaction, such as a one-to-many conference call involving multimedia services. SIP may also be used to facilitate voice over IP (VoIP) services, in which voice is transported in IP data packets that are re-assembled and converted into an audio signal for the recipient. IMS may be characterized as a standardized way to connect IP devices and networks using SIP.
A web service is a reusable piece of software that interacts by exchanging messages over a network. Commonly, web services use Simple Object Access Protocol (SOAP), a protocol for exchanging XML-based messages. A common messaging pattern in SOAP is the Remote Procedure Call (RPC) pattern, in which one a web service requester sends a request message to a web service provider, and the web service provider sends a response message that provides the requested service, for example, the result of applying a particular procedure based on parameters passed in the web service request.
Generally, it is desirable that a web service have some type of authentication capability, such that unauthorized access to the service may be prevented. A variety of different authentication techniques may be used for web services, including transmisssion of credentials to the web service provider with or without encryption, digest techniques in which credentials may be hashed on the client and server and the results compared, and third party certificate approaches wherein a user requests and installs a certificate from a trusted third party (e.g., Verisign, Entrust, etc.), and the web service provider can query the third party to verify credentials as required.